Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Hashpass: a simple password manager with a twist

Build status

Hashpass is a password manager which doesn't store any passwords. Instead, it generates passwords on the fly using a cryptographic hash function of the domain of the website you're visiting and a single universal password that you memorize. This gives you:

  • the security of having a unique password for each website,
  • the convenience of only having to memorize one password,
  • the freedom from having to sync your passwords across your devices, and
  • the comfort of knowing that neither you nor any cloud provider can lose your passwords.


How it works

First, you decide on a universal password. That's the only password you need to memorize, so make it a good one.

Suppose your universal password is correcthorsebatterystaple, and you want to sign up for or log into Hashpass combines your universal password with the website domain as follows: It then computes the SHA-256 hash of that string. It hashes it again and again, 2^16 times in total. Finally, it outputs the first 96 bits of the result, encoded as 16 characters in Base64. For this example, the final output is CqYHklMMg9/GTL0g. That's your password for

For people who know how to read computer code, the following Python script implements the Hashpass algorithm:

import base64
import getpass
import hashlib

domain = input('Domain: ').strip().lower()
universal_password = getpass.getpass('Universal password: ')

bits = (domain + '/' + universal_password).encode()
for i in range(2 ** 16):
    bits = hashlib.sha256(bits).digest()
generated_password = base64.b64encode(bits).decode()[:16]

print('Domain-specific password: ' + generated_password)

Installation instructions

You can install Hashpass from the Chrome Web Store here. Then you can find the Hashpass button next to your address bar or in the extensions dropdown. By default, you can also open Hashpass with Ctrl+Shift+P (Cmd+Shift+P on macOS).